Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SSH Log on Open Indiana

Posted on 2011-09-20
4
Medium Priority
?
1,323 Views
Last Modified: 2012-05-12
Hello,
I would like to have log of my SSH server on my OpenIndiana. Unfortunatly there is zero auth log in the log file (/var/log/* or /var/adm/*)
So i have edit my /etc/syslog.conf :
#Default 
*.err;kern.notice;auth.notice                   /dev/sysmsg
*.err;kern.debug;daemon.notice;mail.crit        /var/adm/messages
# My add
*.info                                          /var/log/test.info
auth.*  /var/log/authlog.log

Open in new window

and here is my /etc/ssh/sshd_config
# Syslog facility and level
SyslogFacility auth
LogLevel info

Open in new window


I have then restarted the syslog daemon and my ssh server but still no log. No  /var/log/authlog.log and strangly /var/log/test.info , normally all bin sending INFO log should go into that file which is not yet created...I should miss something!
Thanks for help
0
Comment
Question by:numtech
  • 2
4 Comments
 
LVL 6

Assisted Solution

by:Tomunique
Tomunique earned 600 total points
ID: 36573912
I can't speak for your OS.  On our system (different flavor of unix), the output file must exist before syslog will write to it.

Try
touch /var/log/test.info

then restart your syslog deamon.
0
 
LVL 22

Accepted Solution

by:
Brian Utterback earned 1400 total points
ID: 36574434
You have two problems here, possibly three.

One, as noted above, the file must exist, syslogd will not create it.
Two, "auth.*" is not valid. You can not use an asterisk for the priority, only for the facility. The priority is specified by name, and that name says to log all messages of that priority and higher. So, to log all message priorities, use "debug".
Third, you may not have this problem but it often trips people up.  You cannot use spaces between the entries in the syslog.conf file, only tabs will work. Check to see if you have tabs or spaces.
0
 

Author Comment

by:numtech
ID: 36574680
It works!
First, i was using /lib/svc/method/system-log restart which actually dont restart anything! so using
svcadm restart svc:/system/system-log:default works better ;)
i have then remove the auth.* and replace it by auth.debug and created the file by touch.
Thanks again

0
 

Author Closing Comment

by:numtech
ID: 36574691
Simple and clear.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous tech tip, Installing the Solaris OS From the Flash Archive On a Tape (http://www.experts-exchange.com/articles/OS/Unix/Solaris/Installing-the-Solaris-OS-From-the-Flash-Archive-on-a-Tape.html), discussed installing the Solaris Operating S…
Hello to you all, I hear of many people congratulate AWS (Amazon Web Services) on how easy it is to spin up and create new EC2 (Elastic Compute Cloud) instances, but then fail and struggle to connect to them using simple tools such as SSH (Secure…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses
Course of the Month9 days, 20 hours left to enroll

927 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question